protected override SignedXml ReadSignatureCore(XmlDictionaryReader signatureReader)
        {
            SignedXml xml = new SignedXml(ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer);

            xml.Signature.SignedInfo.ResourcePool = base.ResourcePool;
            xml.ReadFrom(signatureReader);
            return(xml);
        }
Example #2
0
        protected void ReadSignature(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver, SamlSerializer samlSerializer)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
            }

            if (this.signature != null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SAMLSignatureAlreadyRead)));
            }

            // If the reader cannot canonicalize then buffer the signature element to a canonicalizing reader.
            XmlDictionaryReader effectiveReader = reader;

            if (!effectiveReader.CanCanonicalize)
            {
                MemoryStream        stream = new MemoryStream();
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, samlSerializer.DictionaryManager.ParentDictionary);
                writer.WriteNode(effectiveReader, false);
                writer.Flush();
                stream.Position = 0;
                effectiveReader = XmlDictionaryReader.CreateBinaryReader(stream.GetBuffer(), 0, (int)stream.Length, samlSerializer.DictionaryManager.ParentDictionary, reader.Quotas);
                effectiveReader.MoveToContent();
                writer.Close();
            }
            SignedXml signedXml = new SignedXml(new StandardSignedInfo(samlSerializer.DictionaryManager), samlSerializer.DictionaryManager, keyInfoSerializer);

            signedXml.TransformFactory = ExtendedTransformFactory.Instance;
            signedXml.ReadFrom(effectiveReader);
            SecurityKeyIdentifier securityKeyIdentifier = signedXml.Signature.KeyIdentifier;

            this.verificationKey = SamlSerializer.ResolveSecurityKey(securityKeyIdentifier, outOfBandTokenResolver);
            if (this.verificationKey == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToResolveSignatureKey, this.issuer)));
            }

            this.signature    = signedXml;
            this.signingToken = SamlSerializer.ResolveSecurityToken(securityKeyIdentifier, outOfBandTokenResolver);
            if (this.signingToken == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlSigningTokenNotFound)));
            }

            if (!ReferenceEquals(reader, effectiveReader))
            {
                effectiveReader.Close();
            }
        }
        protected void ReadSignature(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver, SamlSerializer samlSerializer)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }
            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
            }
            if (this.signature != null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.IdentityModel.SR.GetString("SAMLSignatureAlreadyRead")));
            }
            XmlDictionaryReader reader2 = reader;

            if (!reader2.CanCanonicalize)
            {
                MemoryStream        stream = new MemoryStream();
                XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, samlSerializer.DictionaryManager.ParentDictionary);
                writer.WriteNode(reader2, false);
                writer.Flush();
                stream.Position = 0L;
                reader2         = XmlDictionaryReader.CreateBinaryReader(stream.GetBuffer(), 0, (int)stream.Length, samlSerializer.DictionaryManager.ParentDictionary, reader.Quotas);
                reader2.MoveToContent();
                writer.Close();
            }
            SignedXml xml = new SignedXml(new StandardSignedInfo(samlSerializer.DictionaryManager), samlSerializer.DictionaryManager, keyInfoSerializer)
            {
                TransformFactory = ExtendedTransformFactory.Instance
            };

            xml.ReadFrom(reader2);
            SecurityKeyIdentifier keyIdentifier = xml.Signature.KeyIdentifier;

            this.verificationKey = SamlSerializer.ResolveSecurityKey(keyIdentifier, outOfBandTokenResolver);
            if (this.verificationKey == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToResolveSignatureKey", new object[] { this.issuer })));
            }
            this.signature    = xml;
            this.signingToken = SamlSerializer.ResolveSecurityToken(keyIdentifier, outOfBandTokenResolver);
            if (this.signingToken == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SamlSigningTokenNotFound")));
            }
            if (!object.ReferenceEquals(reader, reader2))
            {
                reader2.Close();
            }
        }